const { getHeader, setHeader } = require('./helper')

module.exports = function (message, env) {
    if (message.request.status) {
        return message;
    }

    if (message.request.path.indexOf('.') === 0) {
        message.response.status === 403;
        return message;
    }
    // b 源允许 a 源访问
    setHeader(message.response.headers, 'Access-Control-Allow-Origin', 'http://a.com');
    setHeader(message.response.headers, 'Access-Control-Allow-Credentials', 'true');
    return message;
}